Our Blog
The source
Welcome to our blog, The Source.
I know that business compliance can sometimes be overwhelming and I want to help you find your way to being and staying complaint.
THS SOURCE is a place for you to access and find out about the latest topics and insights that could impact your compliance for GDPR, ISO, Cyber Security and PCI DSS.
Howard Freeman
GDPR Adoption…the reality
It is almost four and a half years since the GDPR became enforced in May of 2018. Since that date, when the world went mad over consent, subscriptions and other connection requests that most of the requestors ignored, we have had Harry and Megan, Brexit, Covid-19 and...
What is the cost of PCI DSS Compliance?
The PCI DSS (Payment Card Industry Data Security Standard) compliance is not easy or inexpensive. In fact, depending on the size of your organisation and the complexity of your CDE (cardholder data environment), it could take months and cost tens of...
Yodel Hack – Parcel Delivery Delays
The delivery service company Yodel has suffered a “cyber incident” resulting in widespread disruption. Customers awaiting deliveries noted that Yodel’s systems were offline last weekend. Yodel said: “We are working to restore our operations as quickly as possible but...
Meta (Facebook) Fined £14 Million
Meta has been fined €17 million for twelve breaches of the EU GDPR. The company, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements. More than 30 million people have been affected. The Irish DPC (Data...
Special Categories of Data
What is special category data? Found out here. Special category data is personal data that needs more protection because it is sensitive.In order to lawfully process special category data, you must identify both a lawful basis under Article 6 of the UK GDPR. You also...
Six Data Privacy Mistakes every company makes
Does the following sentence sound familiar? “I have read and accepted the privacy policy.” This checkbox is found beneath various online forms. It’s completely superfluous. There is no need to accept a privacy policy because it merely serves an informational...